Job Information
Constellation Principal Cyber Defense Threat Hunter in Kennett Square, Pennsylvania
WHO WE ARE
As the nation's largest producer of clean, carbon-free energy, Constellation is focused on our purpose: accelerating the transition to a carbon-free future. We have been the leader in clean energy production for more than a decade, and we are cultivating a workplace where our employees can grow, thrive, and contribute.
Our culture and employee experience make it clear: We are powered by passion and purpose. Together, we're creating healthier communities and a cleaner planet, and our people are the driving force behind our success. At Constellation, you can build a fulfilling career with opportunities to learn, grow and make an impact. By doing our best work and meeting new challenges, we can accomplish great things and help fight climate change. Join us to lead the clean energy future.
TOTAL REWARDS
Constellation offers a wide range of benefits and rewards to help our employees thrive professionally and personally. We provide competitive compensation and benefits that support both employees and their families, helping them prepare for the future. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays, and sick days; and much more.
Expected salary range of $141,300 to $157,000, varies based on experience, along with comprehensive benefits package that includes bonus and 401(k).
PRIMARY PURPOSE OF POSITION
The Cyber Defense Threat Hunter researches cyber threats and trends and collaborates with Cyber Defense Threat Intelligence Analysts in the development, application, and maintenance of cyber threat profiles and countermeasures. This role will lead the development of advanced analytical models capable of proactively identifying anomalous activity based on available information sources and knowledge of adversary tradecraft. It will provide targeted threat analysis to find hard-to-detect vulnerabilities, malicious threat actors and insider threat activity. This role will create valuable synergies and enhance the overall Cyber Defense Operations mission effectiveness. The cyber threat hunter brings a human sensor element to a highly automated cyber defense program and will leverage the MITRE ATT&CK framework to define playbooks for detecting anomalous activity on and off the network, including monitoring for Constellation interests on the Dark Web. The Cyber Threat Hunter will liaise with external agencies to enable and support threat identification activities and incident response. This role will act as the primary threat advisor to Cyber IT management, including the Chief Information Security Officer.
PRIMARY DUTIES AND ACCOUNTABILITIES
Performs advanced threat research to proactively uncover new threat actor groups, insider threat indicators, malware, vulnerabilities, tools, and techniques, and works with security teams to improve prevention and detection countermeasures
Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments
Provides written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports; informs, trains, and/or mentors staff at all levels on cyber threat hunting topics related to threat awareness, process improvement, or general cyber security concepts and practices
Maintains knowledge of emerging security technologies and developments in the discipline
MINIMUM QUALIFICATIONS
Minimum of 8 combined years of experience in IT, Information Security, Cyber Response, Cyber Hunting or Threat Intelligence.
At least 3 years of progressive leadership experience in cyber investigations.
Strong analytical skills
Strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences
Demonstrated ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
Effective team player, looking beyond organizational boundaries to consider the perspective of others and build trust
Experience with common threat intelligence models and their application to threat hunting, including the cyber kill chain, the MITRE ATT&CK framework, and modern penetration testing techniques
Detailed understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics and techniques
Must demonstrate knowledge of tactics, techniques and procedures (TTP) associated with malicious insider activity, fraud groups, and other threat actors.
Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
Deep understanding of the threat landscape and experience applying that knowledge to identify trends, anticipate shifts in TTPs, and create detections
Strong understanding of TCP/IP networks and associated tools
Hands-on operations experience with one or more of the following: Intrusion Prevention Systems (IPS), Firewalls, Wireless Intrusion Prevention Systems (WIPS), Web Application Firewalls (WAF) and other security technologies
Experience with Security Information and Event Management (SIEM) tools
Experience with User and Entity Behavior Analytics (UEBA) tools and their application to insider threat detection and identification
Advanced knowledge of operating system internals and security mechanisms.
Experience analyzing attacker techniques at all stages of a breach.
Skilled in working with extremely large data sets using query and scripting languages and analysis tools such as SQL/KQL, Python, Splunk, and Power BI
Understanding of macOS, Linux and Windows operating systems
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
Knowledge of new and emerging cyber security technologies
PREFERRED QUALIFICATIONS
Bachelor's Degree in Computer Science or a related 4-year technical degree and 8+ years of IT or Cyber Security experience, or equivalent combination of education and experience
Experience in a security operations center or similar environment tracking threat actors and responding to incidents
Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, Firewall, Antivirus systems, Endpoint Detection & Response tools and their log output
Experience in network-focused forensics and threat hunting using both network data (Deep Packet Inspection and full packet capture) and EDR solutions
Strong experience with host and network digital forensics from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.
Strong knowledge of network communications, routing, and application-layer protocols, including HTTP, DNS, DHCP, SMTP, NTP, SSH and FTP
Knowledge of regulatory standards and compliance requirements and common internet applications/standards
Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications
Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.